Social Security Top four issues to consider when shaping social media security policies.
R
eady or not, here it comes: social media has
intranet, rules surrounding discussion of proprie-
reached a tipping point, both for personal
tary information can likely be more relaxed.
and professional use. And it’s not just your
2. Accountability: User identity and authorization are
youngest employees that are getting in on the
the keys to governing the use of social media within
action—people 35 and older represent a rapidly
an intranet. Consider single sign-on for simplicity,
growing demographic for social media sites as well.
which enables you to make application changes
Even some of the most traditional, long-established
without having to upgrade security across the
enterprises are developing tools to support social
board every time. In addition, your internal com-
networks.
munications team can monitor and participate in
But what about security for social media? How can you protect against confidentiality breaches and
external social media to help guide discussions about the company on the Web.
prevent improper use? It isn’t feasible for your legal
3. Data governance: Because social media is partici-
department to review and approve every comment
patory, it can generate an enormous volume of
on every blog and posted item—but turning a blind
content. The relevance of this content may decline
eye isn’t the answer either.
quickly as the content ages, however. Your security policies should include guidelines for automated archiving of content as it progresses through its
“By instituting a carefully
useful life cycle. Information life cycle manage-
considered set of security guidelines, enterprises can harness the power of social media with a minimum of risk.”
ment (ILM) technologies can be instrumental in helping to optimize access speed and minimize storage costs—while also maintaining a record of the content for potential legal discovery or compliance verification. 4. Regular reviews: Social media technologies and uses are still evolving. The policies you create
Instead of attempting to control social media
today may not be relevant next year—so review
technologies from the top down, your company
your guidelines regularly to update and expand
should focus on developing social media participation
them as necessary. Executives from every area of
guidelines. For many organizations, these guidelines
the business—including legal, human resources,
would look similar to the policies governing accept-
marketing, public relations, and analyst relations—
able use of company e-mail. However, there are sev-
should be involved in each review.
eral additional considerations for social media: Like any participatory technology, social media is
1
1. Internet versus intranet: Your usage guidelines
virtually impossible to control from the top down. By
should address acceptable practices for social
instituting a carefully considered set of security